Gentoo's Bugzilla – Attachment 161570 Details for Bug 232642: mail-mta/postfix Insufficient mailbox owner/symlink checks (CVE-2008-2936, CVE-2008-2937)
postfix-2.4.7-CVE-2008-2937.patch (text/plain), 21.55 KB, created by Robert Buchholz (RETIRED) on 2008-07-28 19:34:44 UTC
>diff --git a/HISTORY b/HISTORY >index 73db63f..bfc98a1 100644 >--- a/HISTORY >+++ b/HISTORY >@@ -13599,3 +13599,9 @@ Apologies for any names omitted. > prevent dovecot-auth memory wastage. Timo Sirainen. File: > xsasl/xsasl_dovecot_server.c. > >+20080725 >+ >+ Paranoia: defer delivery when a mailbox file is not owned >+ by the recipient. Requested by Sebastian Krahmer, SuSE. >+ Specify "strict_mailbox_ownership=no" to ignore ownership >+ discrepancies. Files: local/mailbox.c, virtual/mailbox.c. >diff --git a/RELEASE_NOTES b/RELEASE_NOTES >index cf371e5..fb5f4cd 100644 >--- a/RELEASE_NOTES >+++ b/RELEASE_NOTES >@@ -11,6 +11,14 @@ instead, a new snapshot is released. > The mail_release_date configuration parameter (format: yyyymmdd) > specifies the release date of a stable release or snapshot release. > >+Incompatibility with Postfix 2.4.7 >+================================== >+ >+When a mailbox file is not owned by its recipient, the local and >+virtual delivery agents now log a warning and defer delivery. >+Specify "strict_mailbox_ownership = no" to ignore such ownership >+discrepancies. >+ > Incompatibility with Postfix 2.4.4 > ================================== > >diff --git a/html/local.8.html b/html/local.8.html >index de3fd4f..9cece01 100644 >--- a/html/local.8.html >+++ b/html/local.8.html >@@ -394,6 +394,12 @@ LOCAL(8) LOCAL(8) > attempt; do not update the Delivered-To: address > while expanding aliases or .forward files. > >+ Available in Postfix version 2.4.7-r1 and later: >+ >+ <b><a href="postconf.5.html#strict_mailbox_ownership">strict_mailbox_ownership</a> (yes)</b> >+ Defer delivery when a mailbox file is not owned by >+ its recipient. >+ > <b>DELIVERY METHOD CONTROLS</b> > The precedence of <a href="local.8.html"><b>local</b>(8)</a> delivery methods from high to > low is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, 
>@@ -532,6 +538,12 @@ LOCAL(8) LOCAL(8) > agent allows in $name expansions of $<a href="postconf.5.html#command_execution_directory">command_execu</a>- > <a href="postconf.5.html#command_execution_directory">tion_directory</a>. > >+ Available in Postfix version 2.4.7-r1 and later: >+ >+ <b><a href="postconf.5.html#strict_mailbox_ownership">strict_mailbox_ownership</a> (yes)</b> >+ Defer delivery when a mailbox file is not owned by >+ its recipient. >+ > <b>MISCELLANEOUS CONTROLS</b> > <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> > The default location of the Postfix <a href="postconf.5.html">main.cf</a> and >diff --git a/html/postconf.5.html b/html/postconf.5.html >index a19b6b3..7952563 100644 >--- a/html/postconf.5.html >+++ b/html/postconf.5.html >@@ -11602,6 +11602,17 @@ This feature is available in Postfix 2.0 and later. > > </DD> > >+<DT><b><a name="strict_mailbox_ownership">strict_mailbox_ownership</a> >+(default: yes)</b></DT><DD> >+ >+<p> Defer delivery when a mailbox file is not owned by its recipient. >+The default setting is not backwards compatible. </p> >+ >+<p> This feature is available in Postfix 2.4.7-r1 and later. </p> >+ >+ >+</DD> >+ > <DT><b><a name="strict_mime_encoding_domain">strict_mime_encoding_domain</a> > (default: no)</b></DT><DD> > >diff --git a/html/virtual.8.html b/html/virtual.8.html >index 3d7e526..0341911 100644 >--- a/html/virtual.8.html >+++ b/html/virtual.8.html 
>@@ -200,9 +200,15 @@ VIRTUAL(8) VIRTUAL(8) > destination for final delivery to domains listed > with $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>. > >+ Available in Postfix version 2.4.7-r1 and later: >+ >+ <b><a href="postconf.5.html#strict_mailbox_ownership">strict_mailbox_ownership</a> (yes)</b> >+ Defer delivery when a mailbox file is not owned by >+ its recipient. >+ > <b>LOCKING CONTROLS</b> > <b><a href="postconf.5.html#virtual_mailbox_lock">virtual_mailbox_lock</a> (see 'postconf -d' output)</b> >- How to lock a UNIX-style <a href="virtual.8.html"><b>virtual</b>(8)</a> mailbox before >+ How to lock a UNIX-style <a href="virtual.8.html"><b>virtual</b>(8)</a> mailbox before > attempting delivery. > > <b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b> 
>@@ -210,41 +216,41 @@ VIRTUAL(8) VIRTUAL(8) > sive lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile. > > <b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b> >- The time between attempts to acquire an exclusive >+ The time between attempts to acquire an exclusive > lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile. > > <b><a href="postconf.5.html#stale_lock_time">stale_lock_time</a> (500s)</b> >- The time after which a stale exclusive mailbox >+ The time after which a stale exclusive mailbox > lockfile is removed. > > <b>RESOURCE AND RATE CONTROLS</b> > <b><a href="postconf.5.html#virtual_destination_concurrency_limit">virtual_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b> > <b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b> >- The maximal number of parallel deliveries to the >- same destination via the virtual message delivery >+ The maximal number of parallel deliveries to the >+ same destination via the virtual message delivery > transport. > > <b><a href="postconf.5.html#virtual_destination_recipient_limit">virtual_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b> > <b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b> >- The maximal number of recipients per delivery via >+ The maximal number of recipients per delivery via > the virtual message delivery transport. > > <b><a href="postconf.5.html#virtual_mailbox_limit">virtual_mailbox_limit</a> (51200000)</b> >- The maximal size in bytes of an individual mailbox >+ The maximal size in bytes of an individual mailbox > or maildir file, or zero (no limit). 
> > <b>MISCELLANEOUS CONTROLS</b> > <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> >- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and >+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and > <a href="master.5.html">master.cf</a> configuration files. > > <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b> >- How much time a Postfix daemon process may take to >- handle a request before it is terminated by a >+ How much time a Postfix daemon process may take to >+ handle a request before it is terminated by a > built-in watchdog timer. > > <b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b> >- The maximal number of digits after the decimal >+ The maximal number of digits after the decimal > point when logging sub-second delay values. > > <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b> 
>@@ -252,33 +258,33 @@ VIRTUAL(8) VIRTUAL(8) > over an internal communication channel. > > <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b> >- The maximum amount of time that an idle Postfix >- daemon process waits for an incoming connection >+ The maximum amount of time that an idle Postfix >+ daemon process waits for an incoming connection > before terminating voluntarily. > > <b><a href="postconf.5.html#max_use">max_use</a> (100)</b> >- The maximal number of incoming connections that a >- Postfix daemon process will service before termi- >+ The maximal number of incoming connections that a >+ Postfix daemon process will service before termi- > nating voluntarily. > > <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b> >- The process ID of a Postfix command or daemon >+ The process ID of a Postfix command or daemon > process. > > <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b> >- The process name of a Postfix command or daemon >+ The process name of a Postfix command or daemon > process. > > <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b> >- The location of the Postfix top-level queue direc- >+ The location of the Postfix top-level queue direc- > tory. > > <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b> > The syslog facility of Postfix logging. > > <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b> >- The mail system name that is prepended to the >- process name in syslog records, so that "smtpd" >+ The mail system name that is prepended to the >+ process name in syslog records, so that "smtpd" > becomes, for example, "postfix/smtpd". > > <b>SEE ALSO</b> 
>@@ -291,20 +297,20 @@ VIRTUAL(8) VIRTUAL(8) > <a href="VIRTUAL_README.html">VIRTUAL_README</a>, domain hosting howto > > <b>LICENSE</b> >- The Secure Mailer license must be distributed with this >+ The Secure Mailer license must be distributed with this > software. > > <b>HISTORY</b> >- This delivery agent was originally based on the Postfix >- local delivery agent. Modifications mainly consisted of >- removing code that either was not applicable or that was >- not safe in this context: aliases, ~user/.forward files, >+ This delivery agent was originally based on the Postfix >+ local delivery agent. Modifications mainly consisted of >+ removing code that either was not applicable or that was >+ not safe in this context: aliases, ~user/.forward files, > delivery to "|command" or to /file/name. > > The <b>Delivered-To:</b> message header appears in the <b>qmail</b> sys- > tem by Daniel Bernstein. > >- The <b>maildir</b> structure appears in the <b>qmail</b> system by >+ The <b>maildir</b> structure appears in the <b>qmail</b> system by > Daniel Bernstein. > > <b>AUTHOR(S)</b> >diff --git a/man/man5/postconf.5 b/man/man5/postconf.5 >index 7af763b..ba9f36a 100644 >--- a/man/man5/postconf.5 >+++ b/man/man5/postconf.5 >@@ -7062,6 +7062,11 @@ This feature should not be enabled on a general purpose mail server, > because it is likely to reject legitimate email. > .PP > This feature is available in Postfix 2.0 and later. >+.SH strict_mailbox_ownership (default: yes) >+Defer delivery when a mailbox file is not owned by its recipient. >+The default setting is not backwards compatible. >+.PP >+This feature is available in Postfix 2.4.7-r1 and later. > .SH strict_mime_encoding_domain (default: no) > Reject mail with invalid Content-Transfer-Encoding: information > for the message/* or multipart/* MIME content types. This blocks >diff --git a/man/man8/local.8 b/man/man8/local.8 >index 4452007..5af15a9 100644 >--- a/man/man8/local.8 >+++ b/man/man8/local.8 
>@@ -412,6 +412,10 @@ Update the \fBlocal\fR(8) delivery agent's idea of the Delivered-To: > address (see prepend_delivered_header) only once, at the start of > a delivery attempt; do not update the Delivered-To: address while > expanding aliases or .forward files. >+.PP >+Available in Postfix version 2.4.7-r1 and later: >+.IP "\fBstrict_mailbox_ownership (yes)\fR" >+Defer delivery when a mailbox file is not owned by its recipient. > .SH "DELIVERY METHOD CONTROLS" > .na > .nf >@@ -510,7 +514,7 @@ Restrict \fBlocal\fR(8) mail delivery to external commands. > Restrict \fBlocal\fR(8) mail delivery to external files. > .IP "\fBcommand_expansion_filter (see 'postconf -d' output)\fR" > Restrict the characters that the \fBlocal\fR(8) delivery agent allows in >-$name expansions of $mailbox_command. >+$name expansions of $mailbox_command and $command_execution_directory. > .IP "\fBdefault_privs (nobody)\fR" > The default rights used by the \fBlocal\fR(8) delivery agent for delivery > to external file or command. >@@ -522,6 +526,10 @@ Available in Postfix version 2.2 and later: > .IP "\fBexecution_directory_expansion_filter (see 'postconf -d' output)\fR" > Restrict the characters that the \fBlocal\fR(8) delivery agent allows > in $name expansions of $command_execution_directory. >+.PP >+Available in Postfix version 2.4.7-r1 and later: >+.IP "\fBstrict_mailbox_ownership (yes)\fR" >+Defer delivery when a mailbox file is not owned by its recipient. > .SH "MISCELLANEOUS CONTROLS" > .na > .nf >diff --git a/man/man8/virtual.8 b/man/man8/virtual.8 >index b45ac26..22e41b5 100644 >--- a/man/man8/virtual.8 >+++ b/man/man8/virtual.8 
>@@ -213,6 +213,10 @@ mail is delivered via the $virtual_transport mail delivery transport. > .IP "\fBvirtual_transport (virtual)\fR" > The default mail delivery transport and next-hop destination for > final delivery to domains listed with $virtual_mailbox_domains. >+.PP >+Available in Postfix version 2.4.7-r1 and later: >+.IP "\fBstrict_mailbox_ownership (yes)\fR" >+Defer delivery when a mailbox file is not owned by its recipient. > .SH "LOCKING CONTROLS" > .na > .nf >diff --git a/mantools/postlink b/mantools/postlink >index b4771d9..e2503ca 100755 >--- a/mantools/postlink >+++ b/mantools/postlink >@@ -496,6 +496,7 @@ while (<>) { > s;\bstrict_8bitmime\b;<a href="postconf.5.html#strict_8bitmime">$&</a>;g; > s;\bstrict_8bitmime_body\b;<a href="postconf.5.html#strict_8bitmime_body">$&</a>;g; > s;\bstrict_mime_encoding_domain\b;<a href="postconf.5.html#strict_mime_encoding_domain">$&</a>;g; >+ s;\bstrict_mailbox_ownership\b;<a href="postconf.5.html#strict_mailbox_ownership">$&</a>;g; > s;\bstrict_rfc821_envelopes\b;<a href="postconf.5.html#strict_rfc821_envelopes">$&</a>;g; > s;\bsun_mailtool_compatibility\b;<a href="postconf.5.html#sun_mailtool_compatibility">$&</a>;g; > s;\bswap_bangpath\b;<a href="postconf.5.html#swap_bangpath">$&</a>;g; >diff --git a/proto/postconf.proto b/proto/postconf.proto >index f5a90ed..7761e7e 100644 >--- a/proto/postconf.proto >+++ b/proto/postconf.proto >@@ -10586,3 +10586,10 @@ to the SASL authcid, but this causes inter-operability problems > with some SMTP servers. </p> > > <p> This feature is available in Postfix 2.4.4 and later. </p> >+ >+%PARAM strict_mailbox_ownership yes >+ >+<p> Defer delivery when a mailbox file is not owned by its recipient. >+The default setting is not backwards compatible. </p> >+ >+<p> This feature is available in Postfix 2.4.7-r1 and later. </p> >diff --git a/src/global/mail_params.h b/src/global/mail_params.h >index 2785921..9cf6216 100644 >--- a/src/global/mail_params.h >+++ b/src/global/mail_params.h 
>@@ -2783,6 +2783,13 @@ extern char *var_milt_v; > #define DEF_INT_FILT_CLASSES "" > extern char *var_int_filt_classes; > >+ /* >+ * Mailbox ownership. >+ */ >+#define VAR_STRICT_MBOX_OWNER "strict_mailbox_ownership" >+#define DEF_STRICT_MBOX_OWNER 1 >+extern bool var_strict_mbox_owner; >+ > /* LICENSE > /* .ad > /* .fi >diff --git a/src/global/mail_version.h b/src/global/mail_version.h >index ae94ab9..7ceadad 100644 >--- a/src/global/mail_version.h >+++ b/src/global/mail_version.h >@@ -20,8 +20,8 @@ > * Patches change both the patchlevel and the release date. Snapshots have no > * patchlevel; they change the release date only. > */ >-#define MAIL_RELEASE_DATE "20080131" >-#define MAIL_VERSION_NUMBER "2.4.7" >+#define MAIL_RELEASE_DATE "20080726" >+#define MAIL_VERSION_NUMBER "2.4.7-r1" > > #ifdef SNAPSHOT > # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE >diff --git a/src/local/local.c b/src/local/local.c >index 557be6f..72ea49f 100644 >--- a/src/local/local.c >+++ b/src/local/local.c >@@ -378,6 +378,10 @@ > /* address (see prepend_delivered_header) only once, at the start of > /* a delivery attempt; do not update the Delivered-To: address while > /* expanding aliases or .forward files. >+/* .PP >+/* Available in Postfix version 2.4.7-r1 and later: >+/* .IP "\fBstrict_mailbox_ownership (yes)\fR" >+/* Defer delivery when a mailbox file is not owned by its recipient. > /* DELIVERY METHOD CONTROLS > /* .ad > /* .fi >@@ -468,7 +472,7 @@ > /* Restrict \fBlocal\fR(8) mail delivery to external files. > /* .IP "\fBcommand_expansion_filter (see 'postconf -d' output)\fR" > /* Restrict the characters that the \fBlocal\fR(8) delivery agent allows in >-/* $name expansions of $mailbox_command. >+/* $name expansions of $mailbox_command and $command_execution_directory. > /* .IP "\fBdefault_privs (nobody)\fR" > /* The default rights used by the \fBlocal\fR(8) delivery agent for delivery > /* to external file or command. 
>@@ -480,6 +484,10 @@ > /* .IP "\fBexecution_directory_expansion_filter (see 'postconf -d' output)\fR" > /* Restrict the characters that the \fBlocal\fR(8) delivery agent allows > /* in $name expansions of $command_execution_directory. >+/* .PP >+/* Available in Postfix version 2.4.7-r1 and later: >+/* .IP "\fBstrict_mailbox_ownership (yes)\fR" >+/* Defer delivery when a mailbox file is not owned by its recipient. > /* MISCELLANEOUS CONTROLS > /* .ad > /* .fi >@@ -641,6 +649,7 @@ int var_mailtool_compat; > char *var_mailbox_lock; > int var_mailbox_limit; > bool var_frozen_delivered; >+bool var_strict_mbox_owner; > > int local_cmd_deliver_mask; > int local_file_deliver_mask; >@@ -887,6 +896,7 @@ int main(int argc, char **argv) > VAR_STAT_HOME_DIR, DEF_STAT_HOME_DIR, &var_stat_home_dir, > VAR_MAILTOOL_COMPAT, DEF_MAILTOOL_COMPAT, &var_mailtool_compat, > VAR_FROZEN_DELIVERED, DEF_FROZEN_DELIVERED, &var_frozen_delivered, >+ VAR_STRICT_MBOX_OWNER, DEF_STRICT_MBOX_OWNER, &var_strict_mbox_owner, > 0, > }; > >diff --git a/src/local/mailbox.c b/src/local/mailbox.c >index 92bd79d..d35ef66 100644 >--- a/src/local/mailbox.c >+++ b/src/local/mailbox.c >@@ -194,6 +194,12 @@ static int deliver_mailbox_file(LOCAL_STATE state, USER_ATTR usr_attr) > vstream_fclose(mp->fp); > dsb_simple(why, "5.2.0", > "destination %s is not a regular file", mailbox); >+ } else if (var_strict_mbox_owner && st.st_uid != usr_attr.uid) { >+ vstream_fclose(mp->fp); >+ dsb_simple(why, "4.2.0", >+ "destination %s is not owned by recipient", mailbox); >+ msg_warn("specify \"%s = no\" to ignore mailbox ownership mismatch", >+ VAR_STRICT_MBOX_OWNER); > } else { > end = vstream_fseek(mp->fp, (off_t) 0, SEEK_END); > mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp, >diff --git a/src/virtual/mailbox.c b/src/virtual/mailbox.c >index 09fc54b..f0ad6eb 100644 >--- a/src/virtual/mailbox.c >+++ b/src/virtual/mailbox.c 
>@@ -125,6 +125,12 @@ static int deliver_mailbox_file(LOCAL_STATE state, USER_ATTR usr_attr) > msg_warn("recipient %s: destination %s is not a regular file", > state.msg_attr.rcpt.address, usr_attr.mailbox); > dsb_simple(why, "5.3.5", "mail system configuration error"); >+ } else if (var_strict_mbox_owner && st.st_uid != usr_attr.uid) { >+ vstream_fclose(mp->fp); >+ dsb_simple(why, "4.2.0", >+ "destination %s is not owned by recipient", usr_attr.mailbox); >+ msg_warn("specify \"%s = no\" to ignore mailbox ownership mismatch", >+ VAR_STRICT_MBOX_OWNER); > } else { > end = vstream_fseek(mp->fp, (off_t) 0, SEEK_END); > mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp, >diff --git a/src/virtual/virtual.c b/src/virtual/virtual.c >index 7d6e1b8..57b4098 100644 >--- a/src/virtual/virtual.c >+++ b/src/virtual/virtual.c >@@ -183,6 +183,10 @@ > /* .IP "\fBvirtual_transport (virtual)\fR" > /* The default mail delivery transport and next-hop destination for > /* final delivery to domains listed with $virtual_mailbox_domains. >+/* .PP >+/* Available in Postfix version 2.4.7-r1 and later: >+/* .IP "\fBstrict_mailbox_ownership (yes)\fR" >+/* Defer delivery when a mailbox file is not owned by its recipient. > /* LOCKING CONTROLS > /* .ad > /* .fi >@@ -329,6 +333,7 @@ char *var_virt_mailbox_base; > char *var_virt_mailbox_lock; > int var_virt_mailbox_limit; > char *var_mail_spool_dir; /* XXX dependency fix */ >+bool var_strict_mbox_owner; > > /* > * Mappings. >@@ -504,6 +509,10 @@ int main(int argc, char **argv) > VAR_VIRT_MAILBOX_LOCK, DEF_VIRT_MAILBOX_LOCK, &var_virt_mailbox_lock, 1, 0, > 0, > }; >+ static const CONFIG_BOOL_TABLE bool_table[] = { >+ VAR_STRICT_MBOX_OWNER, DEF_STRICT_MBOX_OWNER, &var_strict_mbox_owner, >+ 0, >+ }; > > /* > * Fingerprint executables and core dumps. 
>@@ -513,6 +522,7 @@ int main(int argc, char **argv) > single_server_main(argc, argv, local_service, > MAIL_SERVER_INT_TABLE, int_table, > MAIL_SERVER_STR_TABLE, str_table, >+ MAIL_SERVER_BOOL_TABLE, bool_table, > MAIL_SERVER_PRE_INIT, pre_init, > MAIL_SERVER_POST_INIT, post_init, > MAIL_SERVER_PRE_ACCEPT, pre_accept,
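Review bot: In the RELEASE_NOTES hunk the new heading reads "Incompatibility with Postfix 2.4.7", but every other file in the patch documents the parameter as available in "2.4.7-r1 and later", and src/global/mail_version.h sets MAIL_VERSION_NUMBER to "2.4.7-r1". An operator already running 2.4.7 will read the heading as describing the release they have. Suggest naming the heading after the version that introduces the behaviour so it matches the postconf and man page text.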
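Review bot: In html/virtual.8.html, the @@ -210,41 +216,41 @@ hunk pairs each removed line with an added line carrying the same words, so it appears to change whitespace only; the @@ -252,33 and @@ -291,20 hunks in the same file look the same. Only the @@ -200,9 +200,15 @@ hunk adds the strict_mailbox_ownership entry. Suggest dropping the reflow from this patch, or regenerating the HTML in a separate change, so the security-relevant lines are easier to audit.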
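Review bot: The @@ -510,7 +514,7 @@ hunk in man/man8/local.8 rewords the command_expansion_filter entry to cover $command_execution_directory, which is unrelated to the mailbox ownership change described in HISTORY; the same edit appears in the @@ -468,7 +472,7 @@ comment hunk of src/local/local.c. The execution_directory_expansion_filter entry a few lines further down is already described as restricting $name expansions of $command_execution_directory, so the new wording should say how the two filters relate. Suggest moving this documentation change to its own patch.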
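Review bot: In src/global/mail_version.h, MAIL_VERSION_NUMBER becomes "2.4.7-r1", while the comment directly above says patches change both the patchlevel and the release date. A "-r1" suffix is not a patchlevel bump, and any consumer that compares the version as dotted numbers will meet a form it has not seen before. Suggest a comment stating what the suffix denotes, and checking that nothing parses this string numerically.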
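Review bot: In src/local/mailbox.c, the msg_warn() in the new ownership branch logs only the hint to set "strict_mailbox_ownership = no" and never says which mailbox failed or which uids were compared; the path goes only into the dsb_simple() text. As written, the one remedy the log offers is switching the check off. Suggest logging the mailbox path together with st.st_uid and usr_attr.uid so the operator can correct the ownership instead, and adding a short comment on why this case defers with 4.2.0 while the non-regular-file case above fails with 5.2.0.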
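Review bot: In src/virtual/mailbox.c, the new branch passes usr_attr.mailbox into dsb_simple(), whereas the branch directly above keeps the path in msg_warn() and reports only "mail system configuration error" in the status text. The status text can end up in delay notifications sent to the sender, so the new branch exposes a server-side mailbox path that the existing code deliberately keeps in the log. Suggest following the existing pattern: a msg_warn() naming state.msg_attr.rcpt.address and usr_attr.mailbox, and a generic reason in dsb_simple().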